CVE-2013-6739
CVE-2013-6739 is a medium-severity vulnerability in Ibm Spss Modeler with a CVSS 3.x base score of 5.4. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-284.
Key facts
- Severity: Medium (CVSS 3.x base score 5.4)
- CVSS v2: 5.5
- EPSS exploit prediction: 1% (56th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-284
- Affected product: Ibm Spss Modeler
- Published:
- Last modified:
Description
IBM SPSS Modeler before 16 on UNIX allows remote authenticated users to bypass intended access restrictions via an SSO token. IBM X-Force ID: 89855.
Frequently asked questions
- What is CVE-2013-6739?
- IBM SPSS Modeler before 16 on UNIX allows remote authenticated users to bypass intended access restrictions via an SSO token. IBM X-Force ID: 89855.
- How severe is CVE-2013-6739?
- CVE-2013-6739 has a CVSS 3.x base score of 5.4, rated medium severity. It is exploitable over network with low attack complexity, requires low privileges and no user interaction. Impact on confidentiality is low, integrity low, and availability none.
- Is CVE-2013-6739 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (56th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2013-6739?
- CVE-2013-6739 affects Ibm Spss Modeler. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2013-6739?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2013-6739 published?
- CVE-2013-6739 was published on 2018-04-27 and last updated on 2026-06-17.
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21663960
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89855
Affected products (1)
- cpe:2.3:a:ibm:spss_modeler:*:*:*:*:*:*:*:*
More vulnerabilities in Ibm Spss Modeler
- CVE-2023-33842 — Medium (CVSS 6.2): IBM SPSS Modeler on Windows 17.0, 18.0, 18.2.2, 18.3, 18.4, and 18.5 requires the end user to have access to the server…
- CVE-2012-5769 — Medium (CVSS 5.8): IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and…
- CVE-2020-4717 — Medium (CVSS 5.5): A vulnerability exists in IBM SPSS Modeler Subscription Installer that allows a user with create symbolic link…
- CVE-2015-4991 — Medium (CVSS 4.0): IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1…
- CVE-2014-3038 — Low (CVSS 3.6): IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to…
All CVEs affecting Ibm Spss Modeler →
Other CWE-284 (Improper Access Control) vulnerabilities
- CVE-2026-50746 — Critical (CVSS 10.0): A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi…
- CVE-2026-46978 — Critical (CVSS 10.0): Vulnerability in the Oracle Solaris product of Oracle Systems (component: Remote Administration Daemon). The…
- CVE-2026-35308 — Critical (CVSS 10.0): Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars).…
- CVE-2026-35307 — Critical (CVSS 10.0): Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that…
- CVE-2026-46695 — Critical (CVSS 10.0): Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers…
- CVE-2026-46840 — Critical (CVSS 10.0): Vulnerability in Oracle REST Data Services (component: Backend-as-a-Service). Supported versions that are affected are…
Browse all CWE-284 (Improper Access Control) vulnerabilities →